Easy to use cryptographic framework for data protection: secure messaging with forward secrecy and secure data storage. Has unified APIs across 14 platforms.
Home Page: https://www.cossacklabs.com/themis
License: Apache License 2.0
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot]")
Aim: make user experience in reading exceptions and errors useful, not frustrating
How to: take 'themis_secure_cell_decrypt_seal error' and transform it to 'Secure Cell failed decrypting, seal is invalid", for example
Honestly, current makefile is friendly only for a telepath or person who routinely builds with make. Can we at least have success/failure messages?
Themis and Soter core (not iOS wrapper!) are causing many warnings when are compiled by Xcode.
You can build this project using Xcode7 with default settings, pointing on x64 device or simulator to see warnings.
In iOS world having even one warning with default Xcode warning flags is a bad practice.
@mnaza please, take a look
When executing go test:
panic: runtime error: cgo argument has Go pointer to Go pointer
It seems Go 1.6 has stricter rules for passing Go pointers to C code:
golang/go#12416
As far as I can tell, there are too few checks in secure_comparator.c.
Unless I have misunderstood some assumption about ed25519, then if either Alice or Bob chose rand == rand2 == rand3 == 0, then they would always be authenticated correctly. (I know that generate_random_32 won't choose these values, but an attacker easily could).
According to wikipedia, there is also a possible attack by choosen P or Q based on they other persons P and Q. I do not think the implementation is vulnerable to this based on the order in which you exchange the messages, but I am not completely certain.
Releasing 0.9.2
By receiving a few bits of feedback sounding almost equally (github's wiki is not well suited to read our style of documentation), before proceeding with even betters docs and tutorials, which are on their way, I'd like to hear your opinions, which documentation hosting platforms / documentation generation systems could work for us.
We could of course write our own tiny website-like thing, suited for our documentation needs, but I doubt this effort is worth it right now.
src/github.com/cossacklabs/themis/gothemis/session/session.c: In function ‘on_get_public_key_for_id’:
src/github.com/cossacklabs/themis/gothemis/session/session.c:10:9: warning: implicit declaration of function ‘onPublicKeyForId’ [-Wimplicit-function-declaration]
return onPublicKeyForId(user_data, id, id_len, key, key_len);
^
src/github.com/cossacklabs/themis/gothemis/session/session.c: In function ‘on_state_changed’:
src/github.com/cossacklabs/themis/gothemis/session/session.c:15:2: warning: implicit declaration of function ‘onStateChanged’ [-Wimplicit-function-declaration]
onStateChanged(user_data, event);
^
Currently themis.podspec contains subspec named "themis".
It leads to multiple search results, when user is looking for themis in CocoaPods repo:
Historically, such naming had sense while we were solving the problem with the folder structure.
But now I suggest renaming subspecs to core and objcwrapper, if it won't break folder structure:
s.subspec 'core' do |ss|
...
end
s.subspec 'objcwrapper' do |ss|
...
end
subj
I want to migrate Swift wrapper to use Swift3.
Usually, iOS libraries support both Swift 2.3 and Swift 3 as separate branches or versions (f.e. you can use version 9.3 with Swift2.3 or version 9.4 with Swift 3 support).
What is the most preferable decision for us? Just drop Swift2.3 support and migrate to Swift3?
Code of the form:
$ka = phpthemis_gen_ec_key_pair();
$kb = phpthemis_gen_ec_key_pair();
$em = phpthemis_secure_message_wrap($ka['private_key'],$kb['public_key'],"My message");
works as expected producing an encrypted message. However, from themis_secure_message_wrap(...) in secure_message.c one would expect that passing NULL (or possibly a zero length string) for the public_key parameter would generate the "signed but not encrypted" version of the message.
But both:
$em = phpthemis_secure_message_wrap($ka['private_key'],NULL,"My message");
$em = phpthemis_secure_message_wrap($ka['private_key'],'',"My message");
result in and empty string (gettype($em) == 'string') being returned. I suspect (via zend_parse_parameters ?) the public_key explicitly or implicitly ends up as an empty string (rather than NULL) so the clause in secure_message.c that would trigger "signing" rather than "encrypting" i.e. if(public_key==NULL && public_key_length==0) cannot happen.
Expressed in phpthemis terms we have:
string phpthemis_scell_full_encrypt(string $password, string $message [, string $context])
array phpthemis_scell_auto_encrypt(string $password, string $message [, string $context])
string phpthemis_scell_user_encrypt(string $password, string $message, string $context)
string phpthemis_scell_full_decrypt(string $password, string $encrypted_message [, string $context])
string phpthemis_scell_auto_decrypt(string $password, $encrypted_message string $additional_auth_data [, string $context])
string phpthemis_scell_user_decrypt(string $password, string $encrypted_message, string $context)$context is optional for the "full" and "auto" variants but mandatory for the "user" variant. Documentation should make this variation (and the reasoning behind it) clear.
Non-Android, typical building process and docs
Study how Composer works, figure out what is necessary to wrap PHP library for Composer.
High-level objects are crippled by 'examplistic' approach to describing their functions. This works for some, but not for all. Every high-level language function should have a more formal description like this, to make people who are less interested in long experimentation sessions to only understand the function's syntax:
(example taken based on problems with PHP docs):
string phpthemis_scell_full_encrypt(string $password, string $message [,string $context]);
Description: Encrypts $message using $password and an optional $context.
Returns the encrypted message or an empty string on failure.
or
array phpthemis_scell_auto_split_encrypt(string $password, string $message [,string $context]);
Description: Encrypts $message using $password and an optional $context. On success, returns an associative array containing string elements ‘encrypted_message’ and ‘additional_auth_data’. On failure an empty string is returned.
PyThemis installs Python wrappers which refer to .so library:
from themis import smessage, scell
File "/Users/aint/themis-server/DEMO/themis/smessage.py", line 3, in <module>
themis = cdll.LoadLibrary('libthemis.o')
File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/ctypes/__init__.py", line 443, in LoadLibrary
return self._dlltype(name)
File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/ctypes/__init__.py", line 365, in __init__
self._handle = _dlopen(self._name, mode)
OSError: dlopen(libthemis.o, 6): image not found
Also, for some odd reason, it requires additional variables:
set DYLD_FALLBACK_LIBRARY_PATH=/usr/lib/
to actually find Themis.
Python 3.4.3 (default, Oct 12 2015, 13:56:10)
[GCC 5.2.0] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> from pythemis.scomparator import scomparator
>>> scomparator(b'asd')
Segmentation fault (core dumped)
In python3.5 code is working
... to more correctly reflect current crypto algorithms in charge for all current crypto primitives. It could be simply done by interpreting corresponding defines, e.g.
#define THEMIS_SYM_KEY_LENGTH SOTER_SYM_256_KEY_LENGTH
#define THEMIS_AUTH_SYM_ALG (SOTER_SYM_AES_GCM|THEMIS_SYM_KEY_LENGTH)
in sym_enc_message.c.
We need to study current state of Ruby and understand what, apart from EventMachine, which is deprected, to use to build examples for smessage / ssession.
It's time to write some swift code!
We've added C++ Themis and it's documentation, but forgot the examples! @mnaza be so kind not to forget to have examples by 0.9.3
We should update our podfile to be compatible with CP 1.0, but according to community feedback and number of issues in CP main repo, let's wait a bit.
When installing PyThemis on Mac OS X, it requires package Enum to run, and doens't install it automatically. On clean system there is no Enum package out of the box.
Creating a new iOS project, linking themis master as CocoaPod.
If you create new project using CocoaPods v1.0.1, your podfile includes use_frameworks! and links to the HEAD of master branch, then Pods can't be installed.
source 'https://github.com/CocoaPods/Specs.git'
platform :ios, '9.0'
project 'NoWorkingPodsDemo/NoWorkingPodsDemo.xcodeproj'
inhibit_all_warnings!
use_frameworks!
install! 'cocoapods', :deterministic_uuids => false
target :"NoWorkingPodsDemo" do
# example should work with head
pod 'themis', :git => "https://github.com/cossacklabs/themis.git"
end
Analyzing dependencies
Pre-downloading: `themis` from `https://github.com/cossacklabs/themis.git`
^[[A^[[A[!] Unable to find a specification for 'themis'.
[!] Unable to load a podspec from `themis.podspec`, skipping:
Pod::DSLError
Time has come to talk about binary distribution of Themis. The aim is to simplify build process to a point where user issues commands to 2 package managers: one for system package (themis itself), second for wrapper.
This is about experience, and even though we don't need it for our stuff, it's been privately asked for, a few times.
Obviously, we'll do .deb for Debian/Ubuntu. Any other ideas what/where we could go with this?
Project can't be compiled and build because of compilation error in Themis itself:
./themis/docs/examples/Themis-server/swift/Pods/themis/src/soter/boringssl/soter_asym_cipher.c:146:8: Implicit declaration of function 'EVP_PKEY_get0_RSA' is invalid in C99
xcode 7.3.1
xcode 8 can't compile either because of old swift version of the project.
Goal: Make Secure Message work in sign mode in Android
Howto: TBA @secumod
Write simplistic tests for all objects for all wrappers. Coordinate writing tests which you can't write yourself with @vixentael @Ignat1
The attack is send g2a or g2b as the zero point "(0, 2^255-19+1)"
unsigned char zero[32] = {0xee, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x7f};
These won't match this zero point:
themis/src/themis/secure_comparator.c
Line 168 in 50fd35d
themis/src/themis/secure_comparator.c
Line 241 in 50fd35d
Based on feedback from some of our users and (even) developers, we will try to build stand-alone documentation hosting.
We need opinions on:
Motivation:
Well, time has come to spend a few days writing wrappers for NodeJS / JavaScript.
Go wrapper for Themis
since we now have a dedicated technical writer, let's slowly accumulate examples and ideas for further enhancing Themis documentation for better understandability in comments.
[lagovas@localhost js]$ npm install jsthemis
> [email protected] preinstall /home/lagovas/development/tutorials/js/node_modules/.staging/jsthemis-072db551
> node-gyp configure && node-gyp build
make: Entering directory '/home/lagovas/development/tutorials/js/node_modules/.staging/jsthemis-072db551/build'
CXX(target) Release/obj.target/jsthemis/addon.o
In file included from ../addon.cpp:18:0:
../secure_message.hpp:25:49: error: expected class-name before ‘{’ token
class SecureMessage : public node::ObjectWrap {
^
../secure_message.hpp:33:48: error: ‘Arguments’ in namespace ‘v8’ does not name a type
static v8::Handle<v8::Value> New(const v8::Arguments& args);
^~~~~~~~~
../secure_message.hpp:34:52: error: ‘Arguments’ in namespace ‘v8’ does not name a type
static v8::Handle<v8::Value> encrypt(const v8::Arguments& args);
^~~~~~~~~
../secure_message.hpp:35:52: error: ‘Arguments’ in namespace ‘v8’ does not name a type
static v8::Handle<v8::Value> decrypt(const v8::Arguments& args);
^~~~~~~~~
../secure_message.hpp:36:49: error: ‘Arguments’ in namespace ‘v8’ does not name a type
static v8::Handle<v8::Value> sign(const v8::Arguments& args);
^~~~~~~~~
../secure_message.hpp:37:51: error: ‘Arguments’ in namespace ‘v8’ does not name a type
static v8::Handle<v8::Value> verify(const v8::Arguments& args);
^~~~~~~~~
In file included from ../addon.cpp:19:0:
../secure_keygen.hpp:25:43: error: expected class-name before ‘{’ token
class KeyPair : public node::ObjectWrap {
^
../secure_keygen.hpp:34:48: error: ‘Arguments’ in namespace ‘v8’ does not name a type
static v8::Handle<v8::Value> New(const v8::Arguments& args);
^~~~~~~~~
../secure_keygen.hpp:35:56: error: ‘Arguments’ in namespace ‘v8’ does not name a type
static v8::Handle<v8::Value> private_key(const v8::Arguments& args);
^~~~~~~~~
../secure_keygen.hpp:36:55: error: ‘Arguments’ in namespace ‘v8’ does not name a type
static v8::Handle<v8::Value> public_key(const v8::Arguments& args);
^~~~~~~~~
In file included from ../addon.cpp:20:0:
../secure_session.hpp:26:49: error: expected class-name before ‘{’ token
class SecureSession : public node::ObjectWrap {
^
In file included from ../addon.cpp:20:0:
../secure_session.hpp:34:48: error: ‘Arguments’ in namespace ‘v8’ does not name a type
static v8::Handle<v8::Value> New(const v8::Arguments& args);
^~~~~~~~~
../secure_session.hpp:35:59: error: ‘Arguments’ in namespace ‘v8’ does not name a type
static v8::Handle<v8::Value> connectRequest(const v8::Arguments& args);
^~~~~~~~~
../secure_session.hpp:36:49: error: ‘Arguments’ in namespace ‘v8’ does not name a type
static v8::Handle<v8::Value> wrap(const v8::Arguments& args);
^~~~~~~~~
../secure_session.hpp:37:51: error: ‘Arguments’ in namespace ‘v8’ does not name a type
static v8::Handle<v8::Value> unwrap(const v8::Arguments& args);
^~~~~~~~~
../secure_session.hpp:38:58: error: ‘Arguments’ in namespace ‘v8’ does not name a type
static v8::Handle<v8::Value> isEstablished(const v8::Arguments& args);
^~~~~~~~~
In file included from ../addon.cpp:21:0:
../secure_cell_seal.hpp:25:50: error: expected class-name before ‘{’ token
class SecureCellSeal : public node::ObjectWrap {
^
../secure_cell_seal.hpp:33:48: error: ‘Arguments’ in namespace ‘v8’ does not name a type
static v8::Handle<v8::Value> New(const v8::Arguments& args);
^~~~~~~~~
../secure_cell_seal.hpp:34:52: error: ‘Arguments’ in namespace ‘v8’ does not name a type
static v8::Handle<v8::Value> encrypt(const v8::Arguments& args);
^~~~~~~~~
../secure_cell_seal.hpp:35:52: error: ‘Arguments’ in namespace ‘v8’ does not name a type
static v8::Handle<v8::Value> decrypt(const v8::Arguments& args);
^~~~~~~~~
In file included from ../addon.cpp:22:0:
../secure_cell_context_imprint.hpp:25:60: error: expected class-name before ‘{’ token
class SecureCellContextImprint : public node::ObjectWrap {
^
../secure_cell_context_imprint.hpp:33:48: error: ‘Arguments’ in namespace ‘v8’ does not name a type
static v8::Handle<v8::Value> New(const v8::Arguments& args);
^~~~~~~~~
../secure_cell_context_imprint.hpp:34:52: error: ‘Arguments’ in namespace ‘v8’ does not name a type
static v8::Handle<v8::Value> encrypt(const v8::Arguments& args);
^~~~~~~~~
../secure_cell_context_imprint.hpp:35:52: error: ‘Arguments’ in namespace ‘v8’ does not name a type
static v8::Handle<v8::Value> decrypt(const v8::Arguments& args);
^~~~~~~~~
In file included from ../addon.cpp:23:0:
../secure_cell_token_protect.hpp:25:58: error: expected class-name before ‘{’ token
class SecureCellTokenProtect : public node::ObjectWrap {
^
../secure_cell_token_protect.hpp:33:48: error: ‘Arguments’ in namespace ‘v8’ does not name a type
static v8::Handle<v8::Value> New(const v8::Arguments& args);
^~~~~~~~~
../secure_cell_token_protect.hpp:34:52: error: ‘Arguments’ in namespace ‘v8’ does not name a type
static v8::Handle<v8::Value> encrypt(const v8::Arguments& args);
^~~~~~~~~
../secure_cell_token_protect.hpp:35:52: error: ‘Arguments’ in namespace ‘v8’ does not name a type
static v8::Handle<v8::Value> decrypt(const v8::Arguments& args);
^~~~~~~~~
make: *** [jsthemis.target.mk:98: Release/obj.target/jsthemis/addon.o] Error 1
make: Leaving directory '/home/lagovas/development/tutorials/js/node_modules/.staging/jsthemis-072db551/build'
gyp ERR! build error
gyp ERR! stack Error: `make` failed with exit code: 2
gyp ERR! stack at ChildProcess.onExit (/usr/lib/node_modules/npm/node_modules/node-gyp/lib/build.js:276:23)
gyp ERR! stack at emitTwo (events.js:106:13)
gyp ERR! stack at ChildProcess.emit (events.js:191:7)
gyp ERR! stack at Process.ChildProcess._handle.onexit (internal/child_process.js:204:12)
gyp ERR! System Linux 4.6.4-1-ARCH
gyp ERR! command "/usr/bin/node" "/usr/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js" "build"
gyp ERR! cwd /home/lagovas/development/tutorials/js/node_modules/.staging/jsthemis-072db551
gyp ERR! node -v v6.3.0
gyp ERR! node-gyp -v v3.4.0
gyp ERR! not ok
npm ERR! Linux 4.6.4-1-ARCH
npm ERR! argv "/usr/bin/node" "/usr/bin/npm" "install" "jsthemis"
npm ERR! node v6.3.0
npm ERR! npm v3.10.5
npm ERR! code ELIFECYCLE
npm ERR! [email protected] preinstall: `node-gyp configure && node-gyp build`
npm ERR! Exit status 1
npm ERR!
npm ERR! Failed at the [email protected] preinstall script 'node-gyp configure && node-gyp build'.
npm ERR! Make sure you have the latest version of node.js and npm installed.
npm ERR! If you do, this is most likely a problem with the jsthemis package,
npm ERR! not with npm itself.
npm ERR! Tell the author that this fails on your system:
npm ERR! node-gyp configure && node-gyp build
npm ERR! You can get information on how to open an issue for this project with:
npm ERR! npm bugs jsthemis
npm ERR! Or if that isn't available, you can get their info via:
npm ERR! npm owner ls jsthemis
npm ERR! There is likely additional logging output above.
npm ERR! Please include the following file with any support request:
npm ERR! /home/lagovas/development/tutorials/js/npm-debug.log
[lagovas@localhost js]$ node -v
v6.3.0
Subj.
And I'd like internal note on procedure how to update releases there. We have a very good one for iOS (hats off to ms. @vixentael), but none for ruby gem and for pip. Can I have one in my e-mail?
Somehow we forgot to port our typical examples to Go. Something for @Lagovas to do soon.
Object returning a string with current cryptographic algorithm choices for current object.
ThemisTest (objc main example) stops building on Xcode 7.1 due to imperfection of our PodSpec.
0.9.1 podspec has several error.h files at the same subfolder and it confuses xcode and leads to build error.
Build errors:
Latest podspec is based on subspecs and doesn't cause build error.
Users that install Themis directly like pod 'themis', :git => "https://github.com/cossacklabs/themis.git" are not affected.
Anyway, we really need to update podspec ASAP. We can simply bump version to 0.9.1.1 or to release 0.9.2.
@gene-eu what do you think?
Precede object's functions descriptions with a simple, close-to-realworld description, like:
Secure Cell.
Secure Cell is symmetric cryptographic container. It is designed to store data in any environment. One key is used to encrypt and decrypt.
Your 99% of the time choice is seal mode, which is most convenient and secure. Context is useful to enhance overall security, you can use row number / record id / user id as context.
Result - a string, a bit longer than original.
You might need token and imprint modes, which are ...
Problem: Secure Cell modes were inconsistently renamed during development.
Solution: Find all old names (auth auto full) and rename them.
In testing this I noticed that uninstall can fail because of it's dependencies:
uninstall: phpthemis_uninstall rubythemis_uninstall pythonthemis_uninstall
If you have not installed phpthemis then no makefile will have been generated in src/wrappers/themis/php so the attempt to uninstall phpthemis with make distclean fails and causes the whole uninstall process to stop. I don't know if this would also apply similarly for python or ruby.
However, the phpize generated ./configure uses ```php-config --extension-dir''' to determine the final destination for phpthemis.so. The default /usr/bin/php-config will return something like /usr/lib/php/extensions/no-debug-non-zts-20121212 ... which is non-writable with SIP.
A solution to this (there may be others) is to:
AOSP deprecated OpenSSL and recent versions moved to BoringSSL. Probably, we should update Themis for Android to use BoringSSL as well.
Currently the docs advise that in the context of a traditional php backed http request/response, secure session does not make a lot of sense. However it should be possible for people to use the phpthemis in the context of for example a daemonised php/cli.
From my current reading i do not believe that this is the case. My understanding (expressed in plain English) is that:
Currently in php_themis.c , while i see object meothod implementations of constructors and the wrap/unwrap functionality, i do not see any means to implement the initiating "connect request".
At the same time in php_themis.h i see defs for traditional non-object functions such as phpthemis_secure_session_generate_connect_request that have no implementation.
As ever this may be a failure of understanding on my part :)
Continue of issue #127.
Let's move from compiled OpenSSl as static lib to dynamic framework.
See comments
#127 (comment)
#127 (comment)
This is a complete list of current bugs that you or I can patch. We're providing this as reference. Most, if not all, are in the test suite and third-party tools.
It's also worth noting that we've done extensive studies, and 60% of the time our static analysis tool works all the time. Furthermore, sound and complete static analysis is shown to be undecidable, ergo we're led to a few false positives because we've adopted some unsound techniques in our tool.
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
Django
The Web framework for perfectionists with deadlines.
Laravel
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft
Open source projects and samples from Microsoft.
Google
Google ❤️ Open Source for everyone.
Alibaba
Alibaba Open Source for everyone
D3
Data-Driven Documents codes.
Tencent
China tencent open source team.